package com.osfw.framework.utils.security;

import cn.dev33.satoken.exception.*;
import com.osfw.framework.constants.Constants;
import com.osfw.framework.constants.PermissionConstants;
import com.osfw.framework.constants.SaTokenConstants;
import com.osfw.framework.utils.MessageUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.HashMap;
import java.util.Map;

/**
 * SaToken 工具类
 */
public class SaTokenUtils {
    private static final Logger log = LoggerFactory.getLogger(SaTokenUtils.class);

    private static final String VIEW_PATH_401 = "/osfw/error/401";
    private static final String VIEW_PATH_40102 = "/osfw/auth";
    private static final String VIEW_PATH_403 = "/osfw/error/403";
    private static final String VIEW_PATH_500 = "/osfw/error/500";

    /**
     * SaTokenException 消息提醒
     *
     * @param e SaToken异常
     * @return 提示信息
     */
    public static Map<String, String> getViewAndMsg(SaTokenException e) {
        Map<String, String> resutlt = new HashMap() {{put("code", "500");put("redirectView", VIEW_PATH_500);put("errorMessage", e.getMessage());}};

        if (e instanceof NotBasicAuthException) {
            resutlt.put("redirectView", null);
            resutlt.put("errorMessage", MessageUtils.message("user.login.basic.not", null));
        } else if (e instanceof NotLoginException) {
            resutlt.put("redirectView", VIEW_PATH_401);
            resutlt.put("errorMessage", getLoginMsg(((NotLoginException) e).getType()));
        } else if (e instanceof NotPermissionException) {
            resutlt.put("redirectView", VIEW_PATH_403);
            resutlt.put("errorMessage", getPermissionMsg(((NotPermissionException) e).getPermission()));
        } else if (e instanceof NotRoleException) {
            resutlt.put("redirectView", VIEW_PATH_403);
            resutlt.put("errorMessage", "缺少角色：" + ((NotRoleException) e).getRole());
        } else if (e instanceof NotSafeException) {
            resutlt.put("code", "412");
            resutlt.put("redirectView", VIEW_PATH_403);
            resutlt.put("errorMessage", "二级认证校验失败异常");
        } else if (e instanceof DisableServiceException) {
            String errorMessage = MessageUtils.message("user.login.disbale", null);
            if (((DisableServiceException) e).getDisableTime() != -1l) {
                errorMessage = MessageUtils.message("user.login.disbale", "，" + ((DisableServiceException) e).getDisableTime() + "秒后解封");
            }
            resutlt.put("redirectView", VIEW_PATH_403);
            resutlt.put("errorMessage", errorMessage);
        }

        return resutlt;
    }

    /**
     * 认证错误消息提醒
     *
     * @param exceptionType 异常类型
     * @return 提示信息
     */
    private static String getLoginMsg(String exceptionType) {
        String msg;
        switch (exceptionType) {
            case SaTokenConstants.TEMP_NOT_TOKEN:
                msg = MessageUtils.message("user.auth.not", null);
                break;
            case SaTokenConstants.TEMP_INVALID_TOKEN:
                msg = MessageUtils.message("user.auth.invalid", null);
                break;
            case SaTokenConstants.TEMP_TOKEN_TIMEOUT:
                msg = MessageUtils.message("user.auth.timeout", null);
                break;
            case NotLoginException.NOT_TOKEN:
                msg = MessageUtils.message("user.login.not", null);
                break;
            case NotLoginException.INVALID_TOKEN:
                msg = MessageUtils.message("user.login.invalid", null);
                break;
            case NotLoginException.TOKEN_TIMEOUT:
                msg = MessageUtils.message("user.login.timeout", null);
                break;
            case NotLoginException.BE_REPLACED:
                msg = MessageUtils.message("user.login.replaced", null);
                break;
            case NotLoginException.KICK_OUT:
                msg = MessageUtils.message("user.login.kickout", null);
                break;
            case NotLoginException.TOKEN_FREEZE:
                msg = MessageUtils.message("user.login.freeze", null);
                break;
            case NotLoginException.NO_PREFIX:
                msg = MessageUtils.message("user.login.invalid", null);
                break;
            default:
                msg = MessageUtils.message("user.login.error", null);
        }
        return msg;
    }

    /**
     * 权限错误消息提醒
     *
     * @param permission 错误信息
     * @return 提示信息
     */
    private static String getPermissionMsg(String permission) {
        String msg = MessageUtils.message("no.permission", permission);
        if (StringUtils.endsWithIgnoreCase(permission, PermissionConstants.ADD_PERMISSION)) {
            msg = MessageUtils.message("no.create.permission", permission);
        } else if (StringUtils.endsWithIgnoreCase(permission, PermissionConstants.EDIT_PERMISSION)) {
            msg = MessageUtils.message("no.update.permission", permission);
        } else if (StringUtils.endsWithIgnoreCase(permission, PermissionConstants.REMOVE_PERMISSION)) {
            msg = MessageUtils.message("no.delete.permission", permission);
        } else if (StringUtils.endsWithIgnoreCase(permission, PermissionConstants.EXPORT_PERMISSION)) {
            msg = MessageUtils.message("no.export.permission", permission);
        } else if (StringUtils.endsWithAny(permission, new String[]{PermissionConstants.VIEW_PERMISSION, PermissionConstants.LIST_PERMISSION})) {
            msg = MessageUtils.message("no.view.permission", permission);
        }
        return msg;
    }

}
